316 matches found
VMware vCenter Converter 5.1.x < 5.1.2 / 5.5.x < 5.5.3 Multiple Vulnerabilities (VMSA-2014-0010) (Shellshock)
The version of VMware vCenter Converter installed on the remote Windows host is 5.1.x prior to 5.1.2 or 5.5.x prior to 5.5.3. It is, therefore, affected by the following vulnerabilities : - A command injection vulnerability exists in GNU Bash known as Shellshock, which is due to the processing of...
Mayhem Shellshock Infection Attempt
Mayhem uses a PHP script to drop malicious objects to the affected client...
McAfee Web Gateway GNU Bash Code Injection (SB10085) (Shellshock)
The remote host has a version of McAfee Web Gateway MWG installed that is affected by a command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a...
CUCM IM and Presence Service GNU Bash Environment Variable Handling Command Injection (CSCur05454) (Shellshock)
According to its self-reported version, the CUCM IM and Presence Service installed on the remote host contains a version of GNU Bash that is affected by a command injection vulnerability known as Shellshock, which is due to the processing of trailing strings after function definitions in the valu...
McAfee Email Gateway GNU Bash Code Injection (SB10085) (Shellshock)
The remote host has a version of McAfee Email Gateway MEG installed that is affected by a command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows ...
RHEL 6 : rhev-hypervisor6 (RHSA-2014:1354) (Shellshock)
An updated rhev-hypervisor6 package that fixes several security issues is now available. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...
RHEL 4 / 5 / 6 : bash (RHSA-2014:1294) (Shellshock)
Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterpris...
VMware vCenter Operations Management Bash Vulnerabilities (VMSA-2014-0010) (Shellshock)
The version of VMware vCenter Operations Manager installed on the remote host is prior to 5.7.3 / 5.8.3. It is, therefore, affected by the environmental variable command injection vulnerability known as 'Shellshock'. C Tenable Network Security, Inc. include'compat.inc'; if description...
ACSC Left of Boom Panel Tackles Resilience to Next Heartbleed
BOSTON – Heartbleed, and the rash of Internet-wide bugs that will ultimately define security in 2014, tested the resilience of enterprises worldwide. In turn, resilience has been elevated as a major talking point for companies evaluating their preparedness for the inevitable next Heartbleed-type...
VMware Workspace Portal Multiple Bash Shell Vulnerabilities (VMSA-2014-0010) (Shellshock)
The version of VMware Workspace Portal formerly known as VMware Horizon Workspace installed on the remote host is missing package updates. It is, therefore, affected by the following vulnerabilities in the Bash shell : - A command injection vulnerability exists in GNU Bash known as Shellshock,...
VMware NSX Bash Environment Variable Command Injection (VMSA-2014-0010) (Shellshock)
The version of VMware NSX installed on the remote host is 4.x prior to 4.0.5 / 4.1.4 / 4.2.1 or 6.x prior to 6.0.7 / 6.1.1. It is, therefore, affected by a command injection vulnerability in GNU Bash known as Shellshock, which is due to the processing of trailing strings after function definition...
Cisco ASA Next-Generation Firewall GNU Bash Environment Variable Handling Command Injection (cisco-sa-20140926-bash) (Shellshock)
The remote ASA Next-Generation Firewall NGFW host is missing a security patch. It is, therefore, affected by a command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment...
SIP Script Remote Command Execution via Shellshock
The remote host appears to be running SIP. SIP itself is not vulnerable to Shellshock; however, any Bash script that SIP runs for filtering or other routing tasks could potentially be affected if the script exports an environmental variable from the content or headers of a SIP message. A negative...
PHP 5.6.2 - Shellshock Safe Mode disable_functions Bypass Command Injection
PHP 5.6.2 - Shellshock Safe Mode disablefunctions Bypass Command Injection Exploit Title: PHP 5.x Shellshock Exploit bypass disablefunctions Google Dork: none Date: 10/31/2014 Exploit Author: Ryan King Starfall Vendor Homepage: http://php.net Software Link:...
PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection
Exploit Title: PHP 5.x Shellshock Exploit bypass disablefunctions Google Dork: none Date: 10/31/2014 Exploit Author: Ryan King Starfall Vendor Homepage: http://php.net Software Link: http://php.net/get/php-5.6.2.tar.bz2/from/a/mirror Version: 5. tested on 5.6.2 Tested on: Debian 7 and CentOS 5 an...
Cisco Prime Security Manager GNU Bash Environment Variable Handling Command Injection (cisco-sa-20140926-bash) (Shellshock)
According to its self-reported version number, the version of Cisco Prime Security Manager installed on the remote host is affected by a command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in th...
PHP 5.6.2 - Shellshock Safe Mode Disable Functions Bypass Command Injection
PHP 5.6.2 - Shellshock Safe Mode Disable Functions Bypass Command Injection Exploit Title: PHP 5.x Shellshock Exploit bypass disablefunctions Google Dork: none Date: 10/31/2014 Exploit Author: Ryan King Starfall Vendor Homepage: http://php.net Software Link:...
VMware vSphere Replication Bash Environment Variable Command Injection Vulnerability (VMSA-2014-0010) (Shellshock)
The VMware vSphere Replication installed on the remote host is version 5.1.x prior to 5.1.2.2, 5.5.x prior to 5.5.1.3, 5.6.x prior to 5.6.0.2, or 5.8.x prior to 5.8.0.1. It is, therefore, affected by a command injection vulnerability in GNU Bash known as Shellshock, which is due to the processing...
Cisco UCS Director Code Injection (CSCur02877) (Shellshock)
According to its self-reported version, the remote host is running a version of Cisco UCS Director that could be affected by a command injection vulnerability in GNU Bash known as Shellshock, which is due to the processing of trailing strings after function definitions in the values of environmen...
Bash broken shell vulnerability ShellShock and Transfiguration: for the mail server SMTP attack-vulnerability warning-the black bar safety net
Bash broken shell vulnerability, ShellShock, CVE-2 0 1 4-6 2 7 1 new using the method again! According to the Internet storm center SANS InternetStorm Center for the latest news: a broken shell vulnerability the latest The use of the method of initiation of a new round of attack is brewing, this...